On 19 January 2012, the United States Department of Justiceseized the domain names and closed down the sites associated with Megaupload after the owners were arrested and indicted for allegedly operating as an organization dedicated to copyright infringement.[3] Subsequently, HK$330 million (approximately US$42 million) worth of assets were frozen by the Customs and Excise Department of Hong Kong.[4] The company's founder, New Zealand resident Kim Dotcom, has denied any wrongdoing, and the case against Dotcom has been the subject of controversy over its legality.[5] In 2017, a New Zealand judge ruled that Dotcom should be extradited to the United States, but Dotcom remains at liberty in New Zealand pending the results of an appeal.[6] The shutdown of Megaupload led to denial-of-service (DoS) attacks on a range of websites belonging to the U.S. government and copyright organizations by the Hacktivist group Anonymous.[7][8]

On 19 January 2013 (2013-01-19), Megaupload was re-launched as Mega under the domain name mega.co.nz (later moved to mega.nz). The re-launch date was chosen to coincide with the one-year anniversary of Megaupload's takedown by the U.S. Federal Bureau of Investigation.[9]

The company's registered office was on the 12th floor of the Shanghai Industrial Investment Building in Room 1204 in Wan Chai, Hong Kong.[10][11][12]

The company web services included Megaupload.com, a one-click hosting service; Megapix.com, an image hosting; Megavideo.com and Megalive.com, video hosting services; and Megabox.com, a music hosting service. Other services included Megaclick, Megafund, Megakey and Megapay, all of which were advertisement and financial services. Two additional services—Megabackup and Megamovie—were in development before their closure.[13]

Website

Description of Service

Megavideo.com

Megavideo.com was an associated, ad-supported video hosting service. For non-members, it was time-limited; it blocked itself after 72 minutes, and then allowed users to resume watching after a 30-minute period.

Megapix.com

Launched in late 2010, Megapix.com allowed for the uploading of images, competing with other image-hosting services such as Photobucket, ImageShack, TinyPic, Imgur and others.

Megaupload also released its upload/download manager, Mega Manager,[19] a download manager that featured a link-checker for Megaupload links as well as options to manage uploaded files, and to access the online control box that was on MegaUpload.

Megakey was an adware application which removed bandwidth limitations on Mega services during "happy hour" periods. In return, the users running Megakey agreed to supply some personal identification and demographic data and to allow the substitution of ads on third party websites they visited with those of Megaupload.

Megabox, a new form of media downloading site, was the first of its kind. Kim "Dotcom" described Megabox as "very similar to iTunes" except that it operated in a web browser using HTML5 technology and loaded "much faster than iTunes or anything else out there".[20]

Although incorporated in Hong Kong, the company did not operate in Hong Kong. From 2009 onward, users with Hong Kong IP addresses were banned from accessing the site. The reason for the block was never disclosed by Megaupload,[21] but Hong Kong Customs officials have suggested that the block was an attempt to hinder law enforcement investigation.[22]

From 9 June 2011 onward, the Malaysian government through Malaysian Communications and Multimedia Commission ordered all ISPs in Malaysia to block Megaupload and Megavideo. Some ISPs reportedly blocked all the sites on the list while other ISPs throttled connection speeds.[24]

In July 2011, access to Megaupload and Megavideo were blocked in India for Reliance Entertainment customers,[25] after a court order was obtained, citing illegal copies of the 2011 film Singham on file hosting sites.[26]

For a short time after the closure of the site, users could access material via Google's web cache and The Internet Archive. One day after the indictment Google and Archive.org voluntarily removed the site mirrors to avoid the responsibility of hosting a website taken down for copyright infringement.[8]

In January 2011, MarkMonitor published a report entitled "Traffic Report: Online Piracy and Counterfeiting", which said that Megaupload and Megavideo were, along with RapidShare, the top three websites classified as "digital piracy", with more than 21 billion visits per year.[29] Megaupload responded by stating: "Activity that violates our terms of service or our acceptable use policy is not tolerated, and we go to great lengths to swiftly process legitimate DMCA takedown notices".[30] Mark Mulligan, an analyst at Forrester Research, pointed out that the number of visits did not necessarily indicate the number of downloads of illegal material.[31]

Megaupload Toolbar was said[by whom?] to redirect users to a custom error page when a 404 error occurred in the user's browser. It was also said to contain spyware.[32] FBM Software said that the Megaupload toolbar is free of spyware.[33]

When a file is uploaded to Megaupload and another file with the same hash is already found to exist, the uploader is asked if they would like to link to the already existing file. Therefore, a single file may contain multiple links to it. This has caused some controversy, since when a DMCA takedown notice is issued only the link that was provided is removed; not necessarily the file itself.[34]

On 9 December 2011, Megaupload published a music video entitled "The Mega Song", showing artists including Kanye West, Alicia Keys and will.i.am endorsing the company.[35]Snoop Dogg appeared in earlier versions of the video.[36][37][38] The music video was also uploaded to YouTube,[39] but was removed following a takedown request by the record company Universal Music Group (UMG). Megaupload said that the video contained no infringing content, commenting: "we have signed agreements with every featured artist for this campaign".[40] Megaupload requested an apology from UMG, and filed a lawsuit against the company in the United States District Court for the Northern District of California, on 12 December 2011.[41][42] UMG denied that the takedown was ordered under the terms of the Digital Millennium Copyright Act, and said that the takedown was "pursuant to the UMG-YouTube agreement," which gives UMG "the right to block or remove user-posted videos through YouTube's CMS (Content Management System) based on a number of contractually specified criteria."[43] The video was subsequently returned to YouTube, with the reasons for the UMG takedown remaining unclear.[44] YouTube stated: "Our partners do not have the right to take down videos from YT unless they own the rights to them or they are live performances controlled through exclusive agreements with their artists, which is why we reinstated it."[45][46] Lawyers for will.i.am initially said that he had never agreed to the project, but on 12 December, he denied any involvement in the takedown notice.[47]

The seized domain name redirected to this photo of the joint FBI, DoJ, and NIPRCC notice of U.S. crime charges.

On 19 January 2012 the United States Department of Justice seized and shut down the file-hosting site Megaupload.com and commenced criminal cases against its owners and others. The lead prosecutor, Neil MacBride, had formerly served as Vice President, Anti-Piracy and General Counsel, of the Business Software Alliance, where he oversaw global anti-piracy enforcement and copyright policy. On 20 January Hong Kong Customs froze more than 300 million Hong Kong dollars (US$39 million) in assets belonging to the company.[48]

Acting upon a US Federal prosecutor's request, the New Zealand Police arrested Dotcom and three other Megaupload executives in a leased $30 million mansion at Coatesville near Auckland on Friday, 20 January 2012 (NZDT, UTC+13).[49] This was pursuant to a request from the U.S. Federal Bureau of Investigation that the four be extradited for racketeering and money laundering.[50] The raid was timed for the birthday celebration of Dotcom.[51] Assets worth $17 million including art works and cars were seized. The four men arrested were Kim Dotcom (founder; 38 years old, from Germany), Finn Batato (CMO; 38, from Germany), Mathias Ortmann (CTO and co-founder; 40, from Germany) and Bram van der Kolk (29, from the Netherlands).[52][53][54][55]

On 23 January, Dotcom appeared in Auckland's North Shore District Court for a bail hearing. The crown argued against bail on the basis that he was a flight risk with a helicopter on his front lawn, while defence lawyers argued that the helicopter could not fly far enough to reach another country. They also said that Dotcom denied any criminal wrongdoing. Judge David McNaughton expressed concern at the discovery of two shotguns at Dotcom's mansion during the police raid,[56] and deferred a decision on whether to grant bail, saying that he needed more time to review the submissions.[57] The request for bail was turned down, with Judge McNaughton saying that "he was denied due to the risk [that] Mr. Dotcom would flee jurisdiction and the possibility that if he reached Germany he wouldn't be extradited to face the charges".[58] On 3 February 2012, an appeal to the High Court of New Zealand upheld the decision to deny bail.[59]

On 22 February 2012, North Shore District Court Judge Nevin Dawson overturned the previous rulings and granted bail to Kim Dotcom,[60] saying that the risk of flight had diminished after his assets had been seized.[61]

On 5 March 2012, a formal request for the extradition to the United States of Kim Dotcom and three other senior Megaupload staff was filed in a New Zealand court.[62]

On 30 April 2012, the New Zealand High Court ruled that around $750,000 of Kim Dotcom's assets could be returned, including a Mercedes-Benz G55 AMG and Toyota Vellfire that had been seized during the raid on his home. The assets in 63 bank accounts and around thirty other vehicles remained in custody.[63] A paperwork error by the New Zealand authorities meant that Kim Dotcom's property had been seized in January 2012 without giving proper notice. The restraining order on his property was granted in April 2012. During April 2012, US district court judge Liam O'Grady stated "I frankly don't know that we are ever going to have a trial in this matter," as he found out that the company had never been formally served with criminal papers by the US.

On 28 June 2012, New Zealand High Court judge Justice Helen Winkelmann ruled that the search warrants used to raid the home of Kim Dotcom were invalid, saying "The warrants did not adequately describe the offences to which they related. They were general warrants, and as such, are invalid."[64]

On 10 July 2012, a decision on whether Kim Dotcom and other Megaupload employees should be extradited to the United States was delayed until March 2013, in order to allow further time for legal arguments to be heard.[65] New Zealand judge Justice Helen Winklemann said that U.S. authorities would need to provide evidence of "Internet piracy" before Dotcom was extradited.[66]

On 24 September 2012, New Zealand's Prime Minister John Key ordered an inquiry into whether staff at the Government Communications Security Bureau had unlawfully spied on Kim Dotcom and the other defendants in the case. Key commented "I expect our intelligence agencies to operate always within the law. Their operations depend on public trust."[67]

On 7 July 2014, it was reported that the proceedings to extradite Dotcom from New Zealand to the USA had been delayed until February 2015.[68]

On 8 September 2014, the Court of Appeal ruled that the New Zealand Police is to return seized electronic devices unencrypted back to Dotcom and those involved.[69]

On 23 December 2015, New Zealand judge Nevin Dawson ruled that Kim Dotcom, as well as three of his colleagues, can be extradited to the United States to face copyright infringement charges.[70] Mr. Dotcom's lawyers said they would appeal the decision.

Media reports covering the case highlighted several points from the indictment used to support claims of illegal activity. The indictment provided instances alleged to show criminal behaviour, as well as indicating design points of Megaupload's operating model as being evidence of criminal intent:[1]

In practice, the "vast majority" of users do not have any significant long term private storage capability. Continued storage is dependent upon regular downloads of the file occurring. Files that are infrequently accessed are rapidly removed in most cases, whereas popular downloaded files are retained. (items 7–8)

Because only a small portion of users pay for storage, the business is dependent upon advertising. Adverts are primarily viewed when files are downloaded and the business model is therefore not based upon storage but upon maximizing downloads. (items 7–8)

Persons indicted have "instructed individual users how to locate links to infringing content on the Mega Sites ... [and] ... have also shared with each other comments from Mega Site users demonstrating that they have used or are attempting to use the Mega Sites to get infringing copies of copyrighted content." (item 13)

Persons indicted, unlike the public, are not reliant upon links to stored files, but can search the internal database directly. It is said[by whom?] they have "searched the internal database for their associates and themselves so that they may directly access copyright-infringing content". (item 14)

A comprehensive takedown method is in use to identify child pornography, but not deployed to remove infringing content. (item 24)

Infringing users did not have their accounts terminated, and the defendants "made no significant effort to identify users who were using the Mega Sites or services to infringe copyrights, to prevent the uploading of infringing copies of copyrighted materials, or to identify infringing copies of copyrighted works" (items 55–56)

An incentive program was adopted encouraging the upload of "popular" files in return for payments to successful uploaders. (item 69e et al.)

Defense attorney Ira Rothken says that the raid was unjustly swift and did not give his client the opportunity to defend himself, quoting a similar case involving YouTube as an example of a completely different turnout.[73][74]

Legal commentators point out that while the indictment may be correct and Megaupload might have acted as a criminal conspiracy as said, a number of points in the indictment are based upon selective interpretations and legal concepts (described in one article as "novel theories" of the law[75]) and could be challenged in court. A Los Angeles Times analysis stated that the author was "struck by how far the indictment goes to find something nefarious";[75] likewise a TechDirt analysis concluded that while the founder of Megaupload had a significant history of "flounting the law", evidence has potentially been taken out of context or misrepresented and could "come back to haunt other online services who are providing perfectly legitimate services".[76] Both analyses concur that other evidence could show criminality; the concerns were not irrefutable. The legal concerns included:

Indictment cites lack of a site search as evidence supporting criminality, but in other copyright cases having a site search has been described as evidence in support of criminality and in Atari v. RapidSharenot having a site search was agreed by the court as evidence of responsible activity given that some infringing content might exist and be searched for if one existed.[75] In the case of IsoHunt, the presence of a search feature was interpreted as evidence of inducement.[76]TechDirt commented that "To use the lack of a feature, that previously was shown to be a problem, as evidence of a conspiracy is crazy. Damned if you do, damned if you don't."[76]

The "top 100" list excluded copyrighted titles, but the indictment says this was evidence of concealing, rather than avoiding downloads of, infringing materials.[75][76]

The indictment asserts as evidence that no effort was made to identify infringing files or users, in other words by acts of omission. But federal court rulings repeatedly agree that no duty exists to search these out.[75] In particular, in MGM Studios, Inc. v. Grokster, Ltd. the Supreme Court looked at "substantial noninfringing uses"; mere lack of monitoring was not by itself sufficient to show wrongdoing or inducement.[75] It may not be possible (or reasonable to require) the host to know and identify what activity is legitimate or not, as file sharing may be used by many content creators.[76]

Deletion after a limited period of non-download is suggested as evidence of a motive. But many legitimate sites such as Imgur remove unused content after a while to free up server space. If files were routinely deleted after a short period it could equally suggest legitimate use - because it serves users who share legitimately for a short while, and enforces removal afterwards.[76]

Much of the indictment, in the words of one analysis, "seems to be based on the simple assumption that encouraging more usage means they must be encouraging infringement", in other words there should be evidence of actual wrongdoing, not merely evidence of popular use. Many legitimate files are popular and popularly shared, and an assumption that paid use largely equates to infringing use would need evidence.[76]

Failure to remove all links following a takedown request is often legitimate. For example the same content may be uploaded by legitimate and illegitimate users. Removing the infringing link does not affect legitimate uploaders. Removing the infringing file would wrongfully cause it to be deleted for legitimate users too.[76] Similarly, once child pornography is identified, it is always illegal for all users. But other material may be legal for some users and not for others. So the fact one case requires file removal and the other only requires link removal may well be correct conduct.[76]

The indictment includes money laundering charges. But these include "basic payments" for web hosting, suggesting "lumping in"—adding matters that are in no way illegal to make a case look bad.[76]

Megaupload had indicated willingness to attend court in the U.S. already, and answer civil cases.[76]

The US Digital Millennium Copyright Act provides safe harbor for sites that promptly take down infringing content. Safe harbor does not exist if the site has actual knowledge and does nothing about it.[77] Moreover, the DMCA "safe harbor" is less important in criminal cases than civil cases because defeating the first element, lack of knowledge or awareness of infringement, may be easier for the prosecution than meeting the "willfulness" requirement for criminal copyright liability.[78]

In Megaupload's case, the indictment alleges DMCA provisions were used for the appearance of legitimacy – the actual material was not removed, only some links to it were, takedowns agreement was approved based on business growth rather than infringement, and the parties themselves openly discussed their infringing activities. The indictment says that Megaupload executives:

"... are willfully infringing copyrights themselves on these systems; have actual knowledge that the materials on their systems are infringing (or alternatively know facts or circumstances that would make infringing material apparent); receive a financial benefit directly attributable to copyright-infringing activity where the provider can control that activity; and have not removed, or disabled access to, known copyright infringing material from servers they control."[79]

Prosecutors said in the indictment that Megaupload was not DMCA compliant, and cited the example of an alleged infringer on the site known as "VV." Over six years, VV had allegedly uploaded nearly 17,000 files to Megavideo.com, resulting in more than 334 million views. According to prosecutors, although numerous takedown e-mails had been sent, none of the files had been deleted.[80]

In a television interview with 3 News, Kim Dotcom said he was not a "piracy king", and said that Megaupload had applied the provisions of the DMCA and went beyond it, by giving copyright holders direct rights to delete links. He also said that the indictment relied on a malicious interpretation of technical issues to construe its claim of criminal intent, and that there was significant legal use of Megaupload.[81]

Kim Dotcom denied the charges filed against him and retained the services of Ira P. Rothken, an attorney who has defended several copyright infringement cases. Ira Rothken stated that there is no criminal liability for secondary copyright infringement under US law, quoting a similar case involving YouTube as an example of similar accusations which were dealt with as a civil case.[73][74]

Dotcom initially hired Washington, D.C. attorney Robert Bennett, who had confirmed he was going to represent Megaupload in the copyright infringement case.[82][83] On 22 January 2012, Bennett withdrew from the case due to a conflict of interest with another client.[84][85] As of 23 January, attorney Paul Davison was quoted as representing Megaupload's founder, Kim Dotcom, in New Zealand.[86] At the end of April 2012, a controversy emerged over legal representation. The law firm Quinn Emanuel, retained by Megaupload to argue for the retention of Megaupload's data, said in a motion filed to the court that there was a concerted effort by the United States Department of Justice to deny Megaupload fair legal representation. In the brief, Quinn Emanuel alleged that several law firms dropped out of the case after the DoJ informed them of potential conflicts of interest, arguing that they wanted to call clients of the firms as witnesses. Given the size of the Megaupload, Quinn Emanuel said this "conflict of interest" argument could be applied to any law firm with experience in intellectual property rights, denying Megaupload experienced representation in a case where both law and technical issues are involved. Quinn Emanuel received such a letter but rejected the DoJ's arguments.[87]Techdirt argued that while the founder of Megaupload had a significant history of "flouting the law", evidence had potentially been taken out of context or misrepresented and could "come back to haunt other online services who are providing perfectly legitimate services".[76]Eric Goldman, a professor of law at Santa Clara University, described the Megaupload case as "a depressing display of abuse of government authority". He pointed out that criminal copyright infringement requires that willful infringement has taken place, and that taking Megaupload offline had produced the "deeply unconstitutional effect" of denying legitimate users access to their data.[5] Other legal commentators have expressed more skepticism toward Megaupload's likelihood of defending against charges of aiding and abetting copyright infringement on "willfulness" grounds if the allegations of fact in the indictment turn out to be true.[78]

The defence has drawn on procedural errors by the prosecution to challenge the case and in a judgement at the end of May 2012, New Zealand judge David Harvey granted the defendants the right to the disclosure of evidence held by the FBI in preparation for the extradition trial.[88] In his 81-page decision, he came to the assessment that the DoJ is attempting to use concepts of civil law, in particular secondary copyright infringement, in a criminal case, which creates legal issues. He also confirmed that the charges in the indictment relating to money laundering, racketeering and wire fraud are not separate criminal acts but are dependent on the claim of criminal secondary copyright infringement.[89] In a separate development in the United States, the defense has challenged the case against Megaupload as a whole, saying the US has no jurisdiction over a foreign company and the seizure of Megaupload's assets was unlawful.[90] A second brief points out numerous legal errors in the indictment, declaring it "an experiment in stretching U.S. criminal law well past the breaking point."[91]

Following the seizure of Megaupload, concerns were raised as to what would happen to the files that had been uploaded by its users.[92] On 20 January 2012, the Justice Department stated that "It is important to note that Mega clearly warned users to keep copies of any files they uploaded" adding that "Megaupload.com expressly informed users through its Frequently Asked Questions ('FAQs') and its Terms of Service that users have no proprietary interest in any of the files on Megaupload's servers, they assume the full risk of complete loss or unavailability of their data, and that Megaupload can terminate site operations without prior notice."[93] On 27 January 2012, U.S. Attorney Neil H. MacBride wrote:

The Mega Servers are not in the actual or constructive custody or control of the United States, but remain at the premises controlled by, and currently under the control of, Carpathia and Cogent. Should the defendants wish to obtain independent access to the Mega Servers, or coordinate third-party access to data housed on Mega Servers, the issue must be resolved directly with Cogent or Carpathia.[94][95]

In response, on 30 January 2012, Carpathia Hosting denied having access to MegaUpload files and issued a press release stating

Carpathia Hosting does not have, and has never had, access to the content on MegaUpload servers and has no mechanism for returning any content residing on such servers to MegaUpload's customers. The reference to the 2 February 2012 date in the Department of Justice letter for the deletion of content is not based on any information provided by Carpathia to the U.S. Government. We would recommend that anyone who believes that they have content on MegaUpload servers contact MegaUpload. Please do not contact Carpathia Hosting.[96][97]

The Electronic Frontier Foundation has started a campaign to allow legitimate users of Megaupload in the US access to their data and wants the data preserved for that reason. It has chosen to represent one such legitimate user in court and thus has sided with Megaupload and Carpathia in asking the court to retain the data.[98]

On 26 April 2012, Megaupload data negotiations began. Carpathia reported that maintaining the data costs over 9,000 USD a day, and wanted to seek a formal resolution on whether to delete the data or release it to interested parties. United States district court Judge Liam O'Grady ordered all parties to return to the negotiating table. The U.S. Department of Justice noted that 35 million USD had been paid by Megaupload to Carpathia, and alleged that Carpathia had knowingly profited from copyright infringement.[99]

Gizmodo concurred that it was "almost certainly the result of a quickly assembled DDoS [Distributed Denial of Service] attack—and easily the widest in scope and ferocity we've seen in some time", commenting that "if you had any doubts Anonymous is still a hacker wrecking ball, doubt no more".[103] Links posted in chatrooms and on Twitter, when clicked on by unsuspecting Internet users, ran a web version of the application known as the Low Orbit Ion Cannon. On 19 January 2012, Anonymous released a statement on Pastebin.com taking responsibility for the mass attacks on websites including those of RIAA, MPAA, BMI, FBI, and others.[104] According to the RT network, Anonymous described the attacks as "the single largest Internet attack in its history".[103][105]

Former French president Nicolas Sarkozy said he was satisfied with the shutdown of the website. He found the site's operators were reaping "criminal profits from the illegal distribution of copyrighted works". "The time has come for increased judicial and police co-operation between states" in the fight against online copyright infringement, he said in a statement.[107]

People who used Megaupload for personal and business storage, such as large audio and video files for family and work, have also voiced their complaints about the fact that they no longer had access to their files on the service.[116][117] Examples cited in the media included staff at public interest group Public Knowledge who used it for large files, and Android cellphone software writers who described it as "one of the best ways to distribute [software] ... There are a number of similar sites for this use, but Megaupload was always the fastest".[116]

File hosting websites limited the functionality of their services. FileSonic.com, one of the top ten file hosting services, withdrew the ability to share links to files. The site's main page added a banner stating "All sharing functionality on FileSonic is now disabled. Our service can only be used to upload and retrieve files that you have uploaded personally."[118] Other file hosting websites followed suit, including FileServe.com, FileJungle.com, Uploadstation.com, x7.to and 4shared.com, by shutting down, cancelling affiliate programs or allowing users to only download what they themselves uploaded.[119] Another large file-sharing website, Uploaded.to, ceased services for users accessing from United States-based IP addresses.[120]

According to MediaFire CEO Derek Labian, he and his file hosting company are not concerned by the Megaupload incident because "Megaupload was making a ridiculous amount of money with a ridiculously bad service... We don't have a business built on copyright infringement."[121] A spokesperson for RapidShare similarly expressed a lack of concern, saying that "file hosting itself is a legitimate business", pointing out that Microsoft's SkyDrive operates on a similar basis.[122]

BTJunkie, a website indexing torrent files, shut down voluntarily on 6 February 2012.[123] The file hosting site Turbobit.net blocked access to U.S. visitors,[124] and QuickSilverScreen, a site offering streaming video links, closed on 7 February 2012.[125]